Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
617 results
Sorted by:
3 weeks ago
Hello, I have the below code. I'm trying to create a new column that extracts and pivots CareCnts, CoverCnts, NonCoverCnts, etc... (There are more but I have simplified). These |eval are related to t...
Labels
- Labels:
-
eval
-
field extraction
10-19-2023
01:18 PM
Hello, I'm working in splunk enterprise 8.2.4 I have the below search index=Red msg="*COMPLETED Task*”
| spath output=logMessage path=msg
| rex field=logMessage "Message\|[^\t\{]*(?<json>{[^\...
07-19-2022
01:44 AM
Hi,
I habe a table after using stats:
| stats values(durationSum) as duration by Fauf Station. How can I convert it to a table with only one line in such a format:
Fauf duration_Station1 ...
Labels
- Labels:
-
stats
-
table
-
transaction
05-14-2014
09:46 AM
I want to use a 'where' clause (which allows the comparison of two fields) as a pivot constraint. My original search is
index=maillog (event=SEND OR event=RECEIVE)
Which gives me all the s...
- Tags:
- constraints
- pivot
06-06-2014
09:04 AM
1 Karma
I have to use a root search in a pivot due to needing to join another data type. Is there a way to get _time to extract as Time? I have setup an eval in the pivot to extract the _time field but it w...
10-20-2013
02:34 PM
...reate a pivot, I've discovered that I can't figure out how to filter the pivot on more than one value of a particular attribute. For example, I'd like to be able to filter my pivot down to customers t...
Show results in replies (6)
-
...ttribute in the data this should be doable. Then you could just build a pivot based on that object.
-
Unfortunately Pivot is currently limited by an inability to set up OR operations with its filters....
-
...ocumentation/Splunk/latest/Pivot/UsingthePivotvisualizationeditor#Configure_a_filter_element
-
I noticed that they have added options to pivot table filters. One that may fit here is "is in t...
-
...R, for being able to use checkboxes to drive my dashboard panel (pivot searches)
-
...ith underlying pivot search - input forms being able for the user to give several values as f...
02-20-2017
07:02 AM
I have index=webserver_logs and source=security_logs and can search both in a single query:
index=webserver_logs | append [search source=security_logs]
I get a table with all events and just sele...
04-26-2018
04:03 PM
I'm trying to figure out how to build an excel-like pivot table using 3 or more columns. As example, I have this data:
customer1 project1 note1
customer1 project2
customer1 p...
09-07-2010
07:09 PM
Hi, I have a few columns of data and I would like to generate a pivot table that is similar to the one in Excel.
As an example:
Date/City/Day/Response
-----------------
09-01/New York/Monday/Y...
